libpng version up to and including 1.2.5 have a couple of secuirty holes.
Here are some CVE names
> 1) Remotely exploitable stack-based buffer overrun in
png_handle_tRNS
> (pngrutil.c) > 2) Dangerous code in png_handle_sBIT (pngrutil.c) (Similar code in > png_handle_hIST). CAN-2004-0597 for these (we merge issues that have the same flaw type that
get fixed in the same versions).
> 3) Possible NULL-pointer crash in png_handle_iCCP (pngrutil.c) (this> flaw is duplicated in multiple other locations). CAN-2004-0598 for those
> 4) Theoretical integer overflow in allocation in png_handle_sPLT > (pngrutil.c) > 5) Integer overflow in png_read_png (pngread.c) > 6) Integer overflows during progressive reading. > 7) Other flaws. [integer overflows] CAN-2004-0599 for those
This issue affects FC1, FC2 and FC3 test1.
RHEL is handled by bug 127869